Vulnerabilities in Oracle Database Server

Oracle has identified vulnerabilities in Oracle REST Data Services versions 24.2.0 to 26.1.0 and Oracle Database Server versions 23.4.0 to 23.26.2. The vulnerabilities in Oracle REST Data Services allow attackers with low privileges and network access via HTTPS to perform various actions without...

CVE-2026-46833

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. While the vulnerability is in Net Service, attac...

EUVD-2026-33014

Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this vulnerability can resul...

Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017668)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017668 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 8.0.23 and prior. Easily...

Oracle Database Server Java VM Component Data Disclosure Vulnerability

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. Versions of Oracle Database Server from 23.4.0 to 23.26.1 have security...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. Versions of Oracle Database Server from 19.3 to 19.30 have security...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system with a Java VM component that supports running Java programs in the database. A data disclosure vulnerability exists in Oracle Database Server. The vulnerability arises from a failure of the Java VM component to properly handle a...

PT-2026-34135

Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via multiple protocols to compromise RDBMS. Successful attac...

PT-2026-34147

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 19.3 through 19.30 Oracle Database Server versions 21.3 through 21.21 Description An issue exists in the Java VM component of Oracle Database Server. An unauthenticated attacker with network access via Oracle Ne...

Oracle Database Server (January 2026 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Spatial and Graph OpenJPEG component of Oracle Database Server. Supported versions that are affected are...

EUVD-2026-3537

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...

Oracle Database Server security vulnerabilities

Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. There were security vulnerabilities in the SQLcl version of Oracle Database...

PT-2026-3722

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...

Oracle Database Server security vulnerabilities

Oracle Database Server is a relational database management system developed by Oracle Corporation in the United States. This database management system provides features such as data management and distributed processing. There were security vulnerabilities in the Java VM versions of Oracle...

CVE-2019-2619

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Grid Infrastructure User privilege with logon to the infrastructure...

CVE-2019-2516

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Grid Infrastructure User privilege with logon to the infrastructure...

CVE-2019-2569

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes...

CVE-2011-0792

Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 OWB and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Dimensional Data Modeling...

CVE-2011-0787

Unspecified vulnerability in the Application Service Level Management component in Oracle Database Server 11.1.0.7 and Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Service Level Agreements...